I'll take a shot:
> *1. binary file built without LFS support* > binpac: > binary-file-built-without-LFS-support > <https://lintian.debian.org/tags/binary-file-built-without-LFS-support.html> > usr/bin/binpac > > bro (2.4.1+dfsg-2+b3; main): > binary-file-built-without-LFS-support > <https://lintian.debian.org/tags/binary-file-built-without-LFS-support.html> > usr/bin/bro > > bro-aux (0.35-1): > binary-file-built-without-LFS-support > <https://lintian.debian.org/tags/binary-file-built-without-LFS-support.html> > usr/bin/nfcollector > binpac - probably not. We should check to see what files bro-aux and bro are accessing with support for large files. > *2. binary without manpage* > binpac (0.44-1): > binary-without-manpage > <https://lintian.debian.org/tags/binary-without-manpage.html> > usr/bin/binpac > usr/bin/binpac > > btest (0.54-1): > binary-without-manpage > <https://lintian.debian.org/tags/binary-without-manpage.html> > usr/bin/btest > usr/bin/btest-ask-update > usr/bin/btest-bg-run > usr/bin/btest-bg-run-helper > usr/bin/btest-bg-wait > usr/bin/btest-diff > usr/bin/btest-diff-rst > usr/bin/btest-rst-cmd > usr/bin/btest-rst-include > usr/bin/btest-rst-pipe > usr/bin/btest-setsid > I think that these should be fixed. We really shouldn't be installing stuff in /usr/bin without manpages. I think we have most of this already documented, it'd just be a matter for formatting it the right way. > *3. hardening no bindnow* > binpac (0.44-1): > hardening-no-bindnow > <https://lintian.debian.org/tags/hardening-no-bindnow.html> > usr/bin/binpac > usr/bin/binpac > > bro (2.4.1+dfsg-2+b3; main): > hardening-no-bindnow > <https://lintian.debian.org/tags/hardening-no-bindnow.html> > usr/bin/bro > usr/bin/bro > > bro-aux (0.35-1): > hardening-no-bindnow > <https://lintian.debian.org/tags/hardening-no-bindnow.html> > usr/bin/adtrace > usr/bin/adtrace > usr/bin/bro-cut > usr/bin/bro-cut > usr/bin/ftwire2bro > usr/bin/ftwire2bro > usr/bin/nfcollector > usr/bin/nfcollector > usr/bin/rst > usr/bin/rst > > capstats (0.22-1): > hardening-no-bindnow > <https://lintian.debian.org/tags/hardening-no-bindnow.html> > usr/bin/capstats > usr/bin/capstats > This would probably be easy enough to add, though I'm not sure how useful it is. > *4. hardening no pie* > binpac (0.44-1): > hardening-no-pie <https://lintian.debian.org/tags/hardening-no-pie.html> > usr/bin/binpac > usr/bin/binpac > > bro (2.4.1+dfsg-2+b3; main): > hardening-no-pie <https://lintian.debian.org/tags/hardening-no-pie.html> > usr/bin/bro > usr/bin/bro > > bro-aux (0.35-1): > hardening-no-pie <https://lintian.debian.org/tags/hardening-no-pie.html> > usr/bin/adtrace > usr/bin/adtrace > usr/bin/bro-cut > usr/bin/bro-cut > usr/bin/ftwire2bro > usr/bin/ftwire2bro > usr/bin/nfcollector > usr/bin/nfcollector > usr/bin/rst > usr/bin/rst > > capstats (0.22-1): > hardening-no-pie <https://lintian.debian.org/tags/hardening-no-pie.html> > usr/bin/capstats > usr/bin/capstats > We have had a ticket about this, so it'd be nice to support ASLR with a configure option rather than forcing the user to override CFLAGS. > *5. no ctrl scripts* > binpac (0.44-1): > no-ctrl-scripts <https://lintian.debian.org/tags/no-ctrl-scripts.html> > > bro (2.4.1+dfsg-2+b3; main): > no-ctrl-scripts <https://lintian.debian.org/tags/no-ctrl-scripts.html> > > bro-common: > no-ctrl-scripts <https://lintian.debian.org/tags/no-ctrl-scripts.html> > > bro-aux (0.35-1): > no-ctrl-scripts <https://lintian.debian.org/tags/no-ctrl-scripts.html> > > capstats (0.22-1): > no-ctrl-scripts <https://lintian.debian.org/tags/no-ctrl-scripts.html> > I don't really understand this. > *6. static library has unneeded section* > binpac (0.44-1): > static-library-has-unneeded-section > <https://lintian.debian.org/tags/static-library-has-unneeded-section.html> > usr/lib/libbinpac.a(binpac_buffer.cc.o) .comment > usr/lib/libbinpac.a(binpac_buffer.cc.o) .comment > usr/lib/libbinpac.a(binpac_bytestring.cc.o) .comment > usr/lib/libbinpac.a(binpac_bytestring.cc.o) .comment > usr/lib/libbinpac.a(binpac_regex.cc.o) .comment > usr/lib/libbinpac.a(binpac_regex.cc.o) .comment > Probably would be easy enough to remove. > *7. unused override* > bro (2.4.1+dfsg-2+b3; main): > unused-override <https://lintian.debian.org/tags/unused-override.html> > description-starts-with-package-name > I think this is on the maintainer of the package. > *8. extended description is probably too short* > bro-common: > extended-description-is-probably-too-short > <https://lintian.debian.org/tags/extended-description-is-probably-too-short.html> > > *9. ctrl script* (is this really an error? it doesn't seem like one) > broctl (1.4-1): > ctrl-script <https://lintian.debian.org/tags/ctrl-script.html> > postinst > prerm > > btest (0.54-1): > ctrl-script <https://lintian.debian.org/tags/ctrl-script.html> > postinst > prerm > > *10. vcs field uses insecure uri* > trace-summary (0.84-1): > vcs-field-uses-insecure-uri > <https://lintian.debian.org/tags/vcs-field-uses-insecure-uri.html> > vcs-browser http://anonscm.debian.org/cgit/collab-maint/trace-summary.git > vcs-git git://anonscm.debian.org/collab-maint/trace-summary.git > These are out of our control, I believe. --Vlad
_______________________________________________ bro-dev mailing list [email protected] http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
